A variety of antivirus techniques are used to scan, execute or otherwise analyze computer files, hard disks, e-mail messages, instant messages, etc. Occasionally, this information that needs to be scanned (or executed) is protected by a password or other security mechanism and the information cannot be opened or executed.
In particular, attachments to e-mail messages and the like may be protected by a password, and this password must be provided in order to open the attachment so that it can be analyzed for computer viruses or other types of malware. Generally, certain antivirus software is able to parse the body of an e-mail message in order to extract the password, and then use this password to open the attachment. But, certain types of passwords or techniques for presenting a password are problematic for antivirus software; the software cannot read or extract the password and thus cannot open the attachment in order to analyze it.
For instance, regular expression matching software is often used to extract the password from the body of an e-mail message. This technique can extract passwords for most e-mail messages such as when the phrase “The password is: pwdforzip” appears in the body of the message. The technique is able to parse this language and determine that the password is in fact “pwdforzip”.
There are some e-mail messages, however, in which the password is provided in a more cryptic manner. For instance, the phrase may be “The password is: 123pwdforzip456. Please remove the numerals when entering the password.” Regular expression software will determine that the password is “123pwdforzip456,” when in fact the actual password is “pwdforzip”. The antivirus software will not be able to open the attachment and will not be able to analyze it.
Accordingly, new techniques and systems are desired that will enable antivirus software to determine the correct password provided in an e-mail message (or similar) in order to open an attachment and analyze it.